5124 matches found
Security update for libxml2
This update for libxml2 fixes the following issues: CVE-2025-49794: Fixed a heap use after free which could lead to denial of service. bsc1244554 CVE-2025-49796: Fixed type confusion which could lead to denial of service. bsc1244557 CVE-2025-6170: Fixed a stack buffer overflow which could lead to...
Security update for afterburn
This update for afterburn fixes the following issues: Update to version 5.8.2: cargo: Afterburn release 5.8.2 docs/release-notes: update for release 5.8.2 cargo: update dependencies packit: add initial support Update to version 5.7.0: builddeps: bump crossbeam-channel from 0.5.13 to 0.5.15...
Security update for sudo
This update for sudo fixes the following issues: CVE-2025-32462: Fix a possible local privilege escalation via the --host option bsc1245274 CVE-2025-32463: Fix a possible local privilege Escalation via chroot option bsc1245275 Patch Instructions: To install this SUSE update use the SUSE recommend...
Security update for perl-YAML-LibYAML
This update for perl-YAML-LibYAML fixes the following issues: CVE-2025-40908: YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified bsc1243902 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for wireshark
This update for wireshark fixes the following issues: CVE-2025-5601: Dissection engine crash bsc1244081. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your...
Security update for wireshark
This update for wireshark fixes the following issues: CVE-2025-5601: Dissection engine crash bsc1244081. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your...
Security update for the Linux Kernel
This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE update use the SUSE...
Security update for the Linux Kernel
This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE update use the SUSE...
Security update for tomcat10
This update for tomcat10 fixes the following issues: Fixed refactor CGI servlet to access resources via WebResources bsc1243815. Fixed limits the total number of parts in a multi-part request and limits the size of the headers provided with each part bsc1244656. Fixed expand checks for webAppMoun...
Security update for libxml2
This update for libxml2 fixes the following issues: CVE-2025-49794: Fixed a heap use after free which could lead to denial of service. bsc1244554 CVE-2025-49796: Fixed type confusion which could lead to denial of service. bsc1244557 CVE-2025-49795: Fixed a null pointer dereference which could lea...
Recommended update for gpg2
This update for gpg2 fixes the following issues: CVE-2025-30258: Fixed DoS due to a malicious subkey in the keyring bsc1239119. Other bugfixes: Do not install expired sks certificate bsc1243069. gpg hangs when importing a key bsc1236931. Patch Instructions: To install this SUSE update use the SUS...
Security update for gpg2
This update for gpg2 fixes the following issues: CVE-2025-30258: Fix a verification DoS due to a malicious subkey in the keyring: bsc1239119, bsc1236931 gpg: Fix regression for the recent malicious subkey DoS fix. gpg: Fix another regression due to the T7547 fix. gpg: Allow the use of an ADSK...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP7 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-52888: media: mediatek: vcodec: Only free buffer VA that is not NULL bsc1228557. CVE-2024-49568: net/smc: check v2extoffset/eidcnt/ismgidcnt when...
Security update for helm-mirror
This update for helm-mirror fixes the following issues: CVE-2025-32386: Fixed denial of service due to memory exhaustion after loading a specially crafter chart bsc1241028 CVE-2025-32387: Fixed stack overflow due to parser recursion that can exceed the stack size limit bsc1241031 Patch...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-52888: media: mediatek: vcodec: Only free buffer VA that is not NULL bsc1228557. CVE-2024-49568: net/smc: check v2extoffset/eidcnt/ismgidcnt when...
Security update for python-Django
This update for python-Django fixes the following issues: CVE-2025-48432: Add an additional hardening for CVE-2025-48432 bsc1244095 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Security update for systemd
This update for systemd fixes the following issues: CVE-2025-4598: Fixed race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump bsc1243935. Other bugfixes: logs-show: get timestamp and boot ID only when necessary bsc1242827. Patch...
Security update for systemd
This update for systemd fixes the following issues: CVE-2025-4598: Fixed race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump bsc1243935. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods li...
Security update for apache2
This update for apache2 fixes the following issues: CVE-2024-38477: Fixed null pointer dereference in modproxy bsc1227270. CVE-2024-39573: Fixed source code disclosure with handlers configured via AddType bsc1227271. CVE-2024-39884: Fixed source code disclosure of local content bsc1227353...
Security update for openssl-3
This update for openssl-3 fixes the following issues: CVE-2025-27587: Fixed Minerva side channel vulnerability in P-384 bsc1240366. Backport mdless cms signing support jscPED-12895 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate...
Security update for glib2
This update for glib2 fixes the following issues: Security issues: CVE-2025-4373: Fixed handling gssize parameters bsc1242844. CVE-2025-3360: Fixed integer overflow and buffer underread when parsing a very long and invalid ISO 8601 timestamp with gdatetimenewfromiso8601 bsc1240897 Non security...
Security update for glib2
This update for glib2 fixes the following issues: CVE-2025-4373: integer overflow in the gstringinsertunichar function can lead to buffer underwrite and memory corruption bsc1242844. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupda...
Security update for python39
This update for python39 fixes the following issues: CVE-2025-6069: Avoid worst case quadratic complexity when processing certain crafted malformed inputs with HTMLParser bsc1244705. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupda...
Security update for valkey
This update for valkey fixes the following issues: CVE-2025-27151: Absence of filename size check may cause a stack overflow bsc1243804. CVE-2025-49112: setDeferredReply integer underflow bsc1243913. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods lik...
Security update for samba
This update for samba fixes the following issues: CVE-2025-0620: smbd doesn't pick up group membership changes when re-authenticating an expired SMB session bsc1244136. Other bugfixes: net ad join fails with "Failed to join domain: failed to create kerberos keytab" bsc1238063. Patch Instructions:...
Security update for libssh
This update for libssh fixes the following issues: CVE-2025-5318: Fixed likely read beyond bounds in sftp server handle management bsc1245311. CVE-2025-4877: Fixed write beyond bounds in binary to base64 conversion functions bsc1245309. CVE-2025-4878: Fixed use of uninitialized variable in...
Security update for vim
This update for vim fixes the following issues: CVE-2024-41965: Fixed improper neutralization of argument delimiters in zip.vim that could have led to data loss bsc1228776. CVE-2025-29768: Fixed double-free in dialogchanged bsc1239602. Patch Instructions: To install this SUSE update use the SUSE...
Security update for vim
This update for vim fixes the following issues: CVE-2024-41965: Fixed improper neutralization of argument delimiters in zip.vim that could have led to data loss bsc1228776. CVE-2025-29768: Fixed double-free in dialogchanged bsc1239602. Patch Instructions: To install this SUSE update use the SUSE...
Security update for vim
This update for vim fixes the following issues: CVE-2024-41965: Fixed improper neutralization of argument delimiters in zip.vim that could have led to data loss bsc1228776. CVE-2025-29768: Fixed double-free in dialogchanged bsc1239602. Patch Instructions: To install this SUSE update use the SUSE...
Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues: CVE-2025-49176: Fixed the integer overflow in Big Requests Extension bsc1244084. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you ca...
Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues: CVE-2025-49176: Fixed the integer overflow in Big Requests Extension bsc1244084. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you ca...
Security update for stalld
This update for stalld fixes the following issues: Update to 1.19.8. Check https://gitlab.com/rt-linux-tools/stalld/-/releases for the full list of changes. Changes since 1.19.6: Address CVE-2024-54159, which is a DoS issue with the way throttlectl.sh uses temp files bsc1230327 Fix a compilation...
Security update for gpg2
This update for gpg2 fixes the following issues: gpg: Allow the use of an ADSK subkey as ADSK subkey. bsc1239119 CVE-2025-30258 Don't install expired sks certificate bsc1243069 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for libgepub
This update for libgepub fixes the following issues: CVE-2025-6196: Fixed an integer overflow in the EPUB archive handling code that can leads to massive memory allocation and application crash. bsc1244704 Patch Instructions: To install this SUSE update use the SUSE recommended installation metho...
Security update for openssl-3
This update for openssl-3 fixes the following issues: CVE-2024-13176: Fixed timing side-channel in the ECDSA signature computation bsc1236136 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you c...
Security update for icu
This update for icu fixes the following issues: CVE-2025-5222: Fixed stack buffer overflow in the SRBRoot:addTag function bsc1243721 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run th...
Security update for tomcat
This update for tomcat fixes the following issues: CVE-2025-46701: Refactored CGI servlet to access resources via WebResources bsc1243815. CVE-2025-48988: Limited the total number of parts in a multi-part request and limits the size of the headers provided with each part bsc1244656. CVE-2025-4912...
Security update for libgepub
This update for libgepub fixes the following issues: CVE-2025-6196: Fixed an integer overflow in the EPUB archive handling code that can leads to massive memory allocation and application crash. bsc1244704 Patch Instructions: To install this SUSE update use the SUSE recommended installation metho...
Security update for libsoup
This update for libsoup fixes the following issues: CVE-2025-4945: Add value checks for date/time parsing bsc1243314. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command liste...
Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues: CVE-2025-49176: Fixed the integer overflow in Big Requests Extension bsc1244084. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you ca...
Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues: CVE-2025-49176: Fixed the integer overflow in Big Requests Extension bsc1244084. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you ca...
Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues: CVE-2025-49176: Fixed the integer overflow in Big Requests Extension bsc1244084. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you ca...
Security update for python-requests
This update for python-requests fixes the following issues: CVE-2024-47081: fixes netrc credential leak bsc1244039. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed...
Security update for clamav
This update for clamav fixes the following issues: ClamAV version 1.4.3: CVE-2025-20260: PDF Scanning Buffer Overflow Vulnerability bsc1245054. CVE-2025-20234: Vulnerability in Universal Disk Format UDF processing bsc1245055. Other bugfixes: Fix a race condition between the mockup servers started...
Security update for clamav
This update for clamav fixes the following issues: ClamAV version 1.4.3: CVE-2025-20260: PDF Scanning Buffer Overflow Vulnerability bsc1245054. CVE-2025-20234: Vulnerability in Universal Disk Format UDF processing bsc1245055. Patch Instructions: To install this SUSE update use the SUSE recommende...
Security update for runc
This update for runc fixes the following issues: CVE-2024-45310: Fixed unintentional creation of empty files/directories on host bsc1230092 Other fixes: Update to runc v1.2.6. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for python-cryptography
This update for python-cryptography fixes the following issues: CVE-2025-3416: openssl: Fixed Use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate bsc1242631 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for python-setuptools
This update for python-setuptools fixes the following issues: CVE-2025-47273: Fixed path traversal vulnerability in PackageIndex bsc1243313 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can...
Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues: CVE-2025-49176: Fixed the integer overflow in Big Requests Extension bsc1244084. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you ca...
Security update for xwayland
This update for xwayland fixes the following issues: CVE-2025-49176: Fixed the integer overflow in Big Requests Extension bsc1244084. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run t...